Virtual Private Network VPN

1
Virtual Private Network (VPN)

• Lisa McCormick
• December 4, 2002

2
History

• Communication restricted within a site
• Communication between sites using private leased
  lines
• Internet emerged, corporations still used private
  leased lines
• VPN technology made the Internet viable
  alternative

3
Enabling Technologies

• Internet
• Security
• Encryption
• Authentication

4
VPN Implementations

• Intranet
• Between internal company departments to secure
  sensitive information
• Extranet
• Between companies to connect partners, suppliers
  and customers
• Remote
• Between companys network and remote or mobile
  employees

5
4 VPN Technologies

• Trusted
• Secure
• Hybrid
• Provider-Provisioned

6
Trusted VPN

• Service providers use the Internet for data
  communications
• Do not offer security from modification or
  sniffing
• Assure paths and the properties of the path such
  as QoS

7
Secure VPN

• Assurance of security from modification or
  sniffing
• All data is encrypted
• Authentication required
• Tunneling is used
• VPN Consortium states many protocols allow
  creation of VPN that have authentication but no
  encryption It is not a VPN because it isnt
  private

8
Hybrid VPN

• Trusted and Secure VPNs not mutually exclusive
• Companies require both Trusted and Secure
• Hybrid new and evolving

9
Provider-Provisioned VPN

• VPNs that are administered by a service provider
• Secure VPNs may be administered by provider
• Trusted VPNs always administered by provider
• Hybrid VPNs, the trusted part is always
  administered by provider

10
Encryption

• Symmetric
• Each computer receiving data must have key to
  decrypt data.
• Asymmetric (A.K.A. PKE)
• Public key and private key
• Use public key of sender to encrypt data
• Use private key to decrypt data

11
Tunneling

• Encrypts and encapsulates own network protocol
  within the Internet protocol (IP)
• Requires 3 protocols
• Passenger Protocol ex. IP, IPX, NetBEUI
• Encapsulating Protocol ex. IPSec, PPTP, L2TP
• Carrier Protocol ex. IP

12
Tunneling
The truck is the carrier protocol, the box is the
encapsulating protocol and the computer is the
passenger protocol
13
Encapsulating Protocols

• PPTP and L2TP are strictly tunneling protocols
  (layer 2 protocols)
• IPSec is collection of related protocols that
  define security measures such as encryption,
  authentication as well as tunneling (layer 3
  protocol)

14
IPSec

• IPSec may be used as complete VPN protocol or as
  encryption scheme within PPTP or L2TP
• Only standard being driven by major networks
• To ensure compatibility choose VPN equipment
  IPSec compliant

15
Future

• Smaller and easier to use, plug and play
• Authentication technologies will grow, i.e.
  biological solutions like iris recognition
• Encryption will continuously evolve to stay ahead
  of hackers
• More Hybrid VPN solutions, providing both QoS and
  security Standards for Hybrids will evolve
• Wireless use
• Intranet implementation used more to secure data
  within corporations